Working Party on Information Security and Privacy

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Working Party on Information Security and Privacy"

Transcription

1 Unclassified DSTI/ICCP/REG(2003)5/REV1 DSTI/ICCP/REG(2003)5/REV1 Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 02-Jul-2003 English - Or. English DIRECTORATE FOR SCIENCE, TECHNOLOGY AND INDUSTRY COMMITTEE FOR INFORMATION, COMPUTER AND COMMUNICATIONS POLICY Working Party on Information Security and Privacy IMPLEMENTATION PLAN FOR THE OECD GUIDELINES FOR THE SECURITY OF INFORMATION SYSTEMS AND NETWORKS: TOWARDS A CULTURE OF SECURITY This Implementation Plan has been revised to include comments received from delegates. This document will be issued to the ICCP on 2-3 October. It will be issued to participants at the Oslo Workshop on Information Security on October. It will be further revised following the discussions at the Oslo Workshop, if necessary. English - Or. English Contact: Anne Carblanc, Tel: ; Fax: ; JT Document complet disponible sur OLIS dans son format d'origine Complete document available on OLIS in its original format

2 IMPLEMENTATION PLAN FOR THE OECD GUIDELINES FOR THE SECURITY OF INFORMATION SYSTEMS AND NETWORKS: TOWARDS A CULTURE OF SECURITY I. Promoting a global Culture of Security 1. The revised OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security (the Guidelines ) that were adopted as a Recommendation of the OECD Council at its 1037th Session on 25 July 2002, represent a significant step forward in the OECD s efforts to promote a Culture of Security among all participants who develop, own, provide, manage, service and use information systems and networks, whether those participants are from government, business or civil society. These guidelines have been the basis for considerable implementation efforts at the national level, and are the basis for Resolution A/RES/57/239 adopted by the 57th session of the United Nations General Assembly. 2. The Guidelines respond to the ever-changing nature of the security environment by promoting the development of a culture of security that is, a focus on security in the development of information systems and networks and the adoption of new ways of thinking and behaving by all participants when using information systems and communicating or transacting across networks. The Guidelines signal a clear break with a time when secure design and use of networks and systems were too often afterthoughts. Participants are becoming more dependent on information systems, networks and related services, all of which need to be reliable and secure. Only an approach that recognises the interests of all participants, and the nature of the systems, networks, data and related services, can provide effective security. An effective action programme, well planned and co-ordinated is now essential for the implementation of the Guidelines and the promotion of a culture of security. 3. These voluntary Guidelines constitute a foundation for work towards a culture of security. The principles of Awareness, Responsibility, Response, Ethics, Democracy, Risk Assessment, Security Design and Implementation, Security Management, and Reassessment apply to all participants, but differently, depending on their roles in relation to information systems and networks. Leadership in pursuit of policies that will support the aims and objectives of these principles is essential and should encourage all participants to adopt and promote a culture of security as a way of thinking about, assessing, and acting on, the operations of information systems and networks. The promotion of a culture of security will require not only leadership but also broad participation at all levels of government, business, and civil society to heighten the priority for security planning and management, as well as to increase understanding of the need for security among all participants. The Guidelines and the related outreach campaigns should encourage participants to factor security into the design, implementation, and use of all information systems and networks. 4. Each participant is an important actor in the process of ensuring security. Participants, as appropriate to their roles, should be aware of the relevant security risks and preventive measures, assume responsibility and take steps to enhance the security of information systems and networks. They should recognize that the principles are complementary and meant to be read as a whole. Involvement of the private sector, which designs, builds, owns and operates most of the infrastructure of information systems 2

3 and networks, is required for the promotion of a culture of security. Business as well as other participants is also encouraged to formulate their own initiatives to implement the Guidelines. 5. Continued co-operation among government, business and civil society is also required in follow-up work on the Guidelines. Public-private partnerships offer a good platform for fostering such relationships. Government, as well as industry and civil society, should address the Awareness Principle first, as participants awareness of risks to information systems and networks, as well as what they can do to address those risks, is fundamental. Without awareness, action to implement the other principles is unlikely. Likewise, embracing the Responsibility Principle is a matter of urgency and will require a new and imaginative partnership among member and non-member countries, government entities, and other participants. II. Roles of government 6. Government has a responsibility to provide leadership in developing a culture of security. It should provide this leadership in each of its roles related to information systems and networks that include the development of public policy, as owner and operator of systems and networks, and as a user of such systems and networks. In developing public policy, government should promote the security of information systems and networks to engender confidence in their use and better ensure economic growth and overall security. Public policy development is a unique role of government but one that should be carried out in a transparent fashion and in consultation with other participants and concerned parties. Of particular note in this regard is government s responsibility for (a) awareness-raising; (b) ensuring the provision of education and training; and (c) the provision of information resources to the public, an activity that also assists government in fulfilling its other roles. As owner and operator of information systems and networks, government shares a role with businesses and other organisations and has responsibilities to lead by example. As a user of information systems and networks government shares a role with businesses, other organisations, and individuals for ensuring use of the system and network consistent with a culture of security. The following sections look more closely at government s responsibilities and opportunities in these various roles. A. Government responsibility for public policy 1. Develop national policy on information security and ensure cross-border co-operation to promote a global culture of security. 7. Government should recognize the increasing need for a comprehensive policy and institutional infrastructure to ensure public safety, security and economic well-being in response to the threats and vulnerabilities associated with globally interconnected information systems and networks. Governments are further encouraged to respond by establishing new or amend existing policy that may incorporate principles of the Guidelines. In doing so, principles in the Guidelines may need to be aligned with the national situation in the area, and ongoing or planned national initiatives. Such initiatives may include policies to combat cyber crimes, such as: Enacting a comprehensive set of substantive criminal, procedural and mutual assistance legal measures to combat cybercrime and ensure cross-borders co-operation. These should be at least as comprehensive as, and consistent with, the Council of Europe Convention on Cybercrime (2001). Identifying national cybercrime units and international high-technology assistance points of contact and creating such capabilities to the extent they do not already exist; and Establishing institutions that exchange threat and vulnerability assessments [such as national CERTs (Computer Emergency Response Teams)]. 3

4 Developing closer co-operation between government and business in the fields of information security and fighting cybercrime. 8. The development of these policies should be consistent with the Guidelines, in particular, the principles on ethics and democracy that provide the societal references for addressing security. These public policies should also be developed in conjunction with other participants (business, other organisations and users) to better ensure transparency and that the aims of the Guidelines principles can be met in an effective manner. 2. Outreach and support for other participants 9. A second aspect of government s public policy role is to conduct outreach and support efforts by all participants to address security. In the first instance government action should raise awareness of law and policy that address cybersecurity. Beyond this, government should facilitate awareness and appropriate responses by other participants through programmes and initiatives. 10. These efforts could include, but not be limited to, highlighting the nature of the problem, assisting participants to address their security responsibilities, supporting education and training, establishing points of contact and resource sites for practical information, and removing obstacles to action by participants. Government should also consider support for R&D, the development of best practices, and building partnerships among participants to address information security. As part of its public policy role, government can utilise its significant purchasing power and system/network size to support efforts to increase security through improved security in software, hardware, and best practices operational procedures. This public policy role also extends to addressing response to and recovery from cyber incidents. 11. Awareness raising can be achieved through consistently emphasising the necessity of security at every opportunity. Education, training, press releases, Web sites, public announcements, offering tools and kits are among the current identified means to raise awareness. Government should continue to emphasise the importance of awareness of the risks and available safeguards to participants. Such awareness-raising campaigns should aim to ensure that participants become fully aware that: Information systems and networks can be affected by both internal and external risks. Security failures may significantly harm systems and networks both under and outside of their control. There is potential harm to and from others arising from interconnectivity and interdependency. It is important to understand the configuration of, and the availability of updates for, their system, its place within networks, good practices that they can implement to enhance security, and the needs of other participants. They should adopt safeguards/solutions to deal with known threats and vulnerabilities. They should develop security goals that are appropriate to their needs in preventing, detecting and responding to threats and vulnerabilities. They should be accountable in a manner appropriate to their individual roles. They should review their own policies, practices, measures, and procedures regularly and assess whether these are appropriate to their environments. 12. Examples of initiatives in this category can be found on the Web sites of several governments including at the US Federal Trade Commission: 4

5 13. Exchange of best practice should facilitate users ability to better understand and achieve the goal of effective and up-to-date security measures. 14. In designing education and information programmes, not only tips to ensure the security of the systems and networks are necessary, but also emphasis on the ethics to promote conduct that recognizes security needs and respects the legitimate interests of others. Government initiated education and outreach programmes should also promote conduct that aims at ensuring security in a manner consistent with the values recognised by democratic societies including the freedom to exchange thoughts and ideas, the free flow of information, the confidentiality of information and communication, the appropriate protection of personal information, openness and transparency. Assessing the impact of planned security measures on these values should also be encouraged. 15. Further efforts are necessary so that users of the systems and networks should know how to set up and maintain their systems and networks, be aware of the latest vulnerabilities, and know whether or not software patches are available. They should also know what to do when security incidents occur, including timely action for seeking help. 16. Further efforts are necessary for the development of information security educational programmes wherever IT use is taught, such as in engineer education, health education or general computer education programmes currently undertaken in schools and universities. 17. Useful sites such as those of CERT 1 or SANS 2 and various industry information sharing and analysis centres (ISAC) have been established. Further efforts are necessary to continue to support such initiatives to establish sources of practical information and publication of the references to such sources. Governments should encourage participants, especially business, to utilise, share and distribute useful information through such institutions. B. Government as owner and operator of information systems and networks 18. Government must address the principles of risk assessment, security design and implementation, security management, and reassessment, just as any other owner and operator of information systems and networks. Government should develop policies that reflect best practices in security management and risk assessment. Security management should be based on a risk assessment that identifies threats and vulnerabilities and is sufficiently broad-based to encompass key internal and external factors, such as technology, physical and human factors, policies and third-party services with security implications. Government s security management should also be dynamic, encompassing all levels of government s activities and all aspects of their operations. It should include forward-looking responses to emerging threats and address prevention, detection and response to incidents, systems recovery, ongoing maintenance, review and audit. And, these information system and network security policies, practices, measures and procedures should be co-ordinated and integrated to create a coherent system of security. Internationally recognised information security management standards, such as ISO standards and industry-specific standards, may be used to establish an effective system of security management. 19. Because of the size of its operations, government has a special responsibility to become a model owner/operator and to lead by example. Government can thus use its operational expertise to facilitate the development of best practices and other operational improvements for the benefit of all participants. 1. Computer Emergency Response Team, Carnegie-Mellon University: 2. SANS (SysAdmin, Audit, Network, Security) Institute. For example, in October 2002, SANS Institute and the FBI released a list summarising the Twenty Most Critical Internet Security Vulnerabilities; 5

6 Government can also use its significant purchasing power in information systems and networks to encourage the development and expanded availability of more secure products and services. C. Government as user of information systems and networks 20. As a user of information systems and networks, government has a responsibility to ensure that its use is consistent with the Guidelines, in particular the ethics and democracy principles, and thus contributes to a secure global system. Because individual government employees constitute government use, government must ensure its employees are aware of security concerns, their individual responsibilities and have the capability to respond in an appropriate way to security incidents. Development by government of an appropriate security environment, training, and tools will not only facilitate security on government systems and networks, but can also serve as foundation elements for government s outreach as a public policy matter. III. Roles of business and civil society A. Business as owner and operator of information systems and networks 21. As with government, business must address the principles of risk assessment, security design and implementation, security management, and reassessment. Security management should be based on a risk assessment that identifies threats and vulnerabilities and is sufficiently broad-based to encompass key internal and external factors, such as technology, physical and human factors, policies and third-party services with security implications. This will be enhanced through ongoing dialogue between business and government. 22. The ICT industry in particular has a role in ensuring that their products and services reflect sound security practices. In this regard the industry can play a leadership role in the development of internationally accepted standards, including through, but not limited to, involvement in the activities of standards bodies such as ISO 3 and IETF. 4 B. Business and civil society as users of information systems and networks 23. As users of information systems and networks, business and civil society have a responsibility to ensure that their use is consistent with the Guidelines, in particular with the security design and implementation and security management principles, and thus contributes to a secure global system. This will be facilitated in part by government s awareness-raising activities referred to under II.A.2, but also must be a matter of initiative taken on by each participant. 3. The International Organisation for Standardisation. 4. The Internet Engineering Task Force. 6

A Business Perspective on Promoting Cybersecurity. Art Reilly Cisco Systems For the ICC

A Business Perspective on Promoting Cybersecurity. Art Reilly Cisco Systems For the ICC A Business Perspective on Promoting Cybersecurity Art Reilly Cisco Systems For the ICC Topics Culture of Cybersecurity Role of Business Cooperation with the Stakeholders ICC Companion documents to the

More information

Working Party on Information Security and Privacy

Working Party on Information Security and Privacy Unclassified DSTI/ICCP/REG(2005)1/FINAL DSTI/ICCP/REG(2005)1/FINAL Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 16-Dec-2005

More information

ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT

ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT 2 OECD RECOMMENDATION OF THE COUNCIL ON THE PROTECTION OF CRITICAL INFORMATION INFRASTRUCTURES ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT The OECD is a unique forum where the governments of

More information

DSTI/ICCP/REG(98)10/FINAL Or. Eng.

DSTI/ICCP/REG(98)10/FINAL Or. Eng. Unclassified DSTI/ICCP/REG(98)10/FINAL DSTI/ICCP/REG(98)10/FINAL Or. Eng. Unclassified Organisation de Coopération et de Développement Economiques OLIS : 18-Dec-1998 Organisation for Economic Co-operation

More information

Cyber Security Recommendations October 29, 2002

Cyber Security Recommendations October 29, 2002 Cyber Security Recommendations October 29, 2002 Leading Co-Chair (Asia/Oceania) Co-Chair (Americas) Co-Chair (Europe/Africa) Dr. Hiroki Arakawa Executive Vice President NTT Data Corporation Richard Brown

More information

GLOBAL CONFERENCE ON CYBERSPACE 2015 CHAIR S STATEMENT

GLOBAL CONFERENCE ON CYBERSPACE 2015 CHAIR S STATEMENT GLOBAL CONFERENCE ON CYBERSPACE 2015 CHAIR S STATEMENT Introduction 1. On 16 and 17 April 2015 representatives of governments, international organisations, businesses, civil society, academia and the technical

More information

Business-Facilitati on Steering Group APEC CYBERSECURITY STRATEGY

Business-Facilitati on Steering Group APEC CYBERSECURITY STRATEGY B APEC CYBERSECURITY STRATEGY Doc no: telwg26/ BFSG/22 Agenda item: Business-Facilitati on Steering Group Submitted by: USA delegation APEC CYBERSECURITY STRATEGY Contact: Joseph Richardson Email: richardsonjp@state.gov

More information

ITU National Cybersecurity/CIIP Self-Assessment Tool

ITU National Cybersecurity/CIIP Self-Assessment Tool ITU National Cybersecurity/CIIP Self-Assessment Tool ICT Applications and Cybersecurity Division Policies and Strategies Department ITU Telecommunication Development Sector April 2009 Revised Draft For

More information

Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks

Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks Please cite this paper as: OECD (2012), Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks, OECD Digital Economy Papers, No. 210, OECD Publishing.

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

ASEAN s Cooperation on Cybersecurity and against Cybercrime

ASEAN s Cooperation on Cybersecurity and against Cybercrime ASEAN s Cooperation on Cybersecurity and against Cybercrime Presentation by the ASEAN Secretariat Octopus Conference: Cooperation Against Cybercrime 4 December 2013, Strasbourg, France Outline ASEAN Mechanisms

More information

EU Cybersecurity Policy & Legislation ENISA s Contribution

EU Cybersecurity Policy & Legislation ENISA s Contribution EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

PROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security

PROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security PROPOSAL 20 Resolution 130 of Marrakesh on the role of ITU in information and network security Submitted by the following Member States: Germany (Federal Republic of), Austria, Belarus (Republic of), Bulgaria

More information

Submissions from entities in the United Nations system and elsewhere on their efforts in 2013 to implement the outcome of the WSIS.

Submissions from entities in the United Nations system and elsewhere on their efforts in 2013 to implement the outcome of the WSIS. COMMISSION ON SCIENCE AND TECHNOLOGY FOR DEVELOPMENT (CSTD) Seventeenth Session Geneva, 12 to 16 May 2014 Submissions from entities in the United Nations system and elsewhere on their efforts in 2013 to

More information

Making Privacy Notices Simple

Making Privacy Notices Simple Please cite this paper as: OECD (2006), Making Privacy Notices Simple: An OECD Report and Recommendations, OECD Digital Economy Papers, No. 120, OECD Publishing. http://dx.doi.org/10.1787/231428216052

More information

Okinawa Charter on Global Information Society

Okinawa Charter on Global Information Society Okinawa Charter on Global Information Society 1. Information and Communications Technology (IT) is one of the most potent forces in shaping the twenty-first century. Its revolutionary impact affects the

More information

Information Governance Strategy & Policy

Information Governance Strategy & Policy Information Governance Strategy & Policy March 2014 CONTENT Page 1 Introduction 1 2 Strategic Aims 1 3 Policy 2 4 Responsibilities 3 5 Information Governance Reporting Structure 4 6 Managing Information

More information

European priorities in information security

European priorities in information security European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria

More information

10128/16 LB/dk 1 DGD 1C

10128/16 LB/dk 1 DGD 1C Council of the European Union Brussels, 13 June 2016 (OR. en) 10128/16 OUTCOME OF PROCEEDINGS From: On: 9 June 2016 To: General Secretariat of the Council Delegations No. prev. doc.: 8770/16, 8819/16 Subject:

More information

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe,

The Committee of Ministers, under the terms of Article 15.b of the Statute of the Council of Europe, Recommendation CM/Rec(2014)1 of the Committee of Ministers to member States on the Council of Europe Charter on shared social responsibilities 1 (Adopted by the Committee of Ministers on 22 January 2014

More information

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region

Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region CyberCrime@EAP EU/COE Eastern Partnership Council of Europe Facility: Cooperation against Cybercrime Strategic Priorities for the Cooperation against Cybercrime in the Eastern Partnership Region Adopted

More information

RECOMMENDATIONS COMMISSION

RECOMMENDATIONS COMMISSION 16.5.2009 Official Journal of the European Union L 122/47 RECOMMENDATIONS COMMISSION COMMISSION RECOMMENDATION of 12 May 2009 on the implementation of privacy and data protection principles in applications

More information

Committee of Ministers - The promotion of Internet and online media services a...

Committee of Ministers - The promotion of Internet and online media services a... Page 1 of 5 Ministers Deputies CM Documents CM/AS(2010)Rec1882 final 18 June 2010 The promotion of Internet and online media services appropriate for minors Parliamentary Assembly Recommendation 1882 (2009)

More information

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY CSCSS / ENTERPRISE TECHNOLOGY + SECURITY C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CENTRE FOR STRATEGIC CSCSS CYBERSPACE + SECURITY SCIENCE CSCSS / ENTERPRISE TECHNOLOGY + SECURITY GROUP Information

More information

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report

ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012. Co-Chair s Summary Report ASEAN Regional Forum Cyber Incident Response Workshop Republic of Singapore 6-7 September 2012 Co-Chair s Summary Report 1. Pursuant to the 18 th ASEAN Regional Forum (ARF) Ministerial meeting in Bali,

More information

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION 1. Introduction E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION Australia s national security and economic and social well-being rely upon the use and availability of a range of Information

More information

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY APPENDIX A A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY INTRODUCTION The Internet and related networks

More information

Honourable members of the National Parliaments of the EU member states and candidate countries,

Honourable members of the National Parliaments of the EU member states and candidate countries, Speech by Mr Rudolf Peter ROY, Head of division for Security Policy and Sanctions of the European External Action Service, at the L COSAC Meeting 29 October 2013, Vilnius Honourable members of the National

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

COMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION. of 12.5.2009

COMMISSION OF THE EUROPEAN COMMUNITIES COMMISSION RECOMMENDATION. of 12.5.2009 COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 12.5.2009 C(2009) 3200 final COMMISSION RECOMMENDATION of 12.5.2009 on the implementation of privacy and data protection principles in applications supported

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

Working Party on Information Security and Privacy

Working Party on Information Security and Privacy Working Party on Information Security and Privacy WPISP Identity management - Internet - Data controller - PKI - Vulnerabilities - Fingerprint - Critical Information Infrastructure - Privacy and Data Protection

More information

Committees Date: Subject: Public Report of: For Information Summary

Committees Date: Subject: Public Report of: For Information Summary Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security

More information

Future of the Internet Cyber Security

Future of the Internet Cyber Security Future of the Internet Cyber Security Issue Leader (Asia/Oceania): Shigemi Tamura Chairman Tokyo Electric Power Company (TEPCO) November, 2003 Implementing a Culture of Security New issues in cyber security

More information

Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development

Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development RECOMMENDATION OF THE OECD COUNCIL CONCERNING GUIDELINES FOR CONSUMER PROTECTION IN THE

More information

Digital Identity Management for Natural Persons

Digital Identity Management for Natural Persons Please cite this paper as: OECD (2011), Digital Identity Management for Natural Persons: Enabling Innovation and Trust in the Internet Economy - Guidance for Government Policy Makers, OECD Digital Economy

More information

COUNCIL OF THE EUROPEAN UNION. Brussels, 8 May 2008 9207/08 EDUC 144 SOC 276 CULT 67 COMPET 178 RECH 173. NOTE from: Presidency

COUNCIL OF THE EUROPEAN UNION. Brussels, 8 May 2008 9207/08 EDUC 144 SOC 276 CULT 67 COMPET 178 RECH 173. NOTE from: Presidency COUNCIL OF THE EUROPEAN UNION Brussels, 8 May 2008 9207/08 EDUC 144 SOC 276 CULT 67 COMPET 178 RECH 173 NOTE from: Presidency to: Council No prev. doc. 8752/08 EDUC 119 SOC 243 CULT 59 COMPET 152 RECH

More information

OUTCOME OF PROCEEDINGS

OUTCOME OF PROCEEDINGS Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November

More information

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD

More information

Cybersecurity in the Commonwealth: Setting the Stage

Cybersecurity in the Commonwealth: Setting the Stage Cybersecurity in the Commonwealth: Setting the Stage Tim Unwin Secretary General Commonwealth Telecommunications Organisation CTO Cybersecurity Forum, Yaoundé 24 th April 2013 For governments Imagine if

More information

Legal Frameworks to Combat Cybercrime An Overview of Efforts in Asia-Pacific

Legal Frameworks to Combat Cybercrime An Overview of Efforts in Asia-Pacific Legal Frameworks to Combat Cybercrime An Overview of Efforts in Asia-Pacific Richard W. Downing Cybercrime Project Overseer e-security Task Group Asia Pacific Economic Cooperation Overview APEC Leaders

More information

Council of the European Union Brussels, 5 March 2015 (OR. en)

Council of the European Union Brussels, 5 March 2015 (OR. en) Council of the European Union Brussels, 5 March 2015 (OR. en) Interinstitutional File: 2013/0027 (COD) 6788/15 LIMITE TELECOM 59 DATAPROTECT 23 CYBER 13 MI 139 CSC 55 CODEC 279 NOTE From: Presidency To:

More information

ITI Cybersecurity Principles for Industry and Government

ITI Cybersecurity Principles for Industry and Government ITI Cybersecurity Principles for Industry and Government Danielle Kriz Director, Global Cybersecurity Policy Information Technology Industry Council IEEE CQR Meeting, Naples, FL May 12, 2011 About ITI

More information

Executive Order 13636: The Healthcare Sector and the Cybersecurity Framework. September 23, 2014

Executive Order 13636: The Healthcare Sector and the Cybersecurity Framework. September 23, 2014 Executive Order 13636: The Healthcare Sector and the Cybersecurity Framework September 23, 2014 Executive Order: Improving Critical Infrastructure Cybersecurity It is the policy of the United States to

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

Actions and Recommendations (A/R) Summary

Actions and Recommendations (A/R) Summary Actions and Recommendations (A/R) Summary Priority I: A National Cyberspace Security Response System A/R 1-1: DHS will create a single point-ofcontact for the federal government s interaction with industry

More information

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security

For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE. Cyber Security For Discussion Paper No. 9/2011 on 3 November 2011 DIGITAL 21 STRATEGY ADVISORY COMMITTEE Cyber Security Purpose This paper briefs Members on the global cyber security outlook facing governments of some

More information

Specific comments on Communication

Specific comments on Communication Comments on Joint Communication to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions Cybersecurity Strategy of the European Union: An Open,

More information

Cyber Stability 2015 Geneva, 09 July 2015. African Union Perspectives on Cybersecurity and Cybercrime Issues.

Cyber Stability 2015 Geneva, 09 July 2015. African Union Perspectives on Cybersecurity and Cybercrime Issues. Cyber Stability 2015 Geneva, 09 July 2015 African Union Perspectives on Cybersecurity and Cybercrime Issues. FACTS AND FIGURES As African countries increase access to broadband Internet, issues relating

More information

TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL

TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL TRINIDAD AND TOBAGO CYBER SECURITY AGENCY POLICY AND BILL Presented By: Sunita Ramsumair Legal Officer Ministry of National Security September 29, 2014 Format of Presentation Background Trinidad and Tobago

More information

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL EUROPEAN COMMISSION Brussels, 7.2.2013 COM(2013) 48 final 2013/0027 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL concerning measures to ensure a high common level of network

More information

EU Cybersecurity: Ensuring Trust in the European Digital Economy

EU Cybersecurity: Ensuring Trust in the European Digital Economy EU Cybersecurity: Ensuring Trust in the European Digital Economy Synthesis of the FIC Breakfast-Debate 15 October 2013, Brussels With the participation of Tunne Kelam Member of the European Parliament'

More information

DECLARATION ON STRENGTHENING GOOD GOVERNANCE AND COMBATING CORRUPTION, MONEY-LAUNDERING AND THE FINANCING OF TERRORISM

DECLARATION ON STRENGTHENING GOOD GOVERNANCE AND COMBATING CORRUPTION, MONEY-LAUNDERING AND THE FINANCING OF TERRORISM MC.DOC/2/12 Organization for Security and Co-operation in Europe Ministerial Council Dublin 2012 Original: ENGLISH Second day of the Nineteenth Meeting MC(19) Journal No. 2, Agenda item 7 DECLARATION ON

More information

AG/RES. 2004 CYBER SECURITY STRATEGY (RESOLUTION)

AG/RES. 2004 CYBER SECURITY STRATEGY (RESOLUTION) AG/RES. 2004 CYBER SECURITY STRATEGY (RESOLUTION) AG/RES. 2004 (XXXIV-O/04) ADOPTION OF A COMPREHENSIVE INTER-AMERICAN STRATEGY TO COMBAT THREATS TO CYBERSECURITY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY

More information

Organisation de Coopération et de Développement Économiques Organisation for Economic Co-operation and Development. English/French COUNCIL

Organisation de Coopération et de Développement Économiques Organisation for Economic Co-operation and Development. English/French COUNCIL Unclassified C(2012)100/FINAL Organisation de Coopération et de Développement Économiques Organisation for Economic Co-operation and Development 11-Oct-2012 English/French COUNCIL C(2012)100/FINAL Unclassified

More information

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy

DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Performance, Risk and Business Continuity Management Policy Not Protectively Marked Item 6 Appendix B DORSET & WILTSHIRE FIRE AND RESCUE AUTHORITY Management Policy The Dorset & Wiltshire Fire and Rescue Authority () is the combined fire and rescue authority for

More information

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD

CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD CYBER SECURITY STRATEGY OF THE CZECH REPUBLIC FOR THE 2011 2015 PERIOD The 2011 2015 Cyber Security Strategy of the Czech Republic is linked to the Security Strategy of the Czech Republic and reflects

More information

Towards closer EU-ASEAN collaboration in cybersecurity

Towards closer EU-ASEAN collaboration in cybersecurity Supporting European Union and Southeast Asia ICT strategic partnership and policy dialogue: Connecting ICT EU-SEA Research, Development and Innovation Knowledge Networks Towards closer EU-ASEAN collaboration

More information

CEN and CENELEC response to the EC Consultation on Standards in the Digital Single Market: setting priorities and ensuring delivery January 2016

CEN and CENELEC response to the EC Consultation on Standards in the Digital Single Market: setting priorities and ensuring delivery January 2016 CEN Identification number in the EC register: 63623305522-13 CENELEC Identification number in the EC register: 58258552517-56 CEN and CENELEC response to the EC Consultation on Standards in the Digital

More information

CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES

CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES COMMITTEE OF EXPERTS ON TERRORISM (CODEXTER) CYBERTERRORISM THE USE OF THE INTERNET FOR TERRORIST PURPOSES UNITED STATES OF AMERICA September 2007 Kapitel 1 www.coe.int/gmt The responses provided below

More information

Our reputation will be upheld if we act with

Our reputation will be upheld if we act with MANAGING DIRECTOR S MESSAGE Although jointly owned by BP Southern Africa and Shell SA Refining, SAPREF operates as an independent entity with wide freedom of action. However, we are judged by how we act

More information

SUMMARY OF THE IMPACT ASSESSMENT

SUMMARY OF THE IMPACT ASSESSMENT COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, 22.5.2007 SEC(2007) 641 COMMISSION STAFF WORKING DOCUMENT Accompanying document to the COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE

More information

United Nations General Assembly s Overall Review of the Implementation of WSIS Outcomes

United Nations General Assembly s Overall Review of the Implementation of WSIS Outcomes United Nations General Assembly s Overall Review of the Implementation of WSIS Outcomes Zero Draft Preamble 1. Recalling the request in paragraph 111 of the Tunis Agenda for the Information Society to

More information

COMMISSION OF THE EUROPEAN COMMUNITIES

COMMISSION OF THE EUROPEAN COMMUNITIES EN EN EN COMMISSION OF THE EUROPEAN COMMUNITIES Brussels, [ ] COM(2006) 251 COMMUNICATION FROM THE COMMISSION TO THE COUNCIL, THE EUROPEAN PARLIAMENT, THE EUROPEAN ECONOMIC AND SOCIAL COMMITTEE AND THE

More information

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009

Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones. Tbilisi 28-29, September 2009 Council of Europe Project on Cybercrime in Georgia Report by Virgil Spiridon and Nigel Jones Tbilisi 28-29, September 2009 Presentation Contents An assessment of the Georgian view of cybercrime and current

More information

For further information, please contact Edwin Lau, Tel (33-1) 45 24 80 36; E-mail: edwin.lau@oecd.org

For further information, please contact Edwin Lau, Tel (33-1) 45 24 80 36; E-mail: edwin.lau@oecd.org Unclassified PUMA/A(2002)1 PUMA/A(2002)1 Unclassified Organisation de Coopération et de Développement Economiques Organisation for Economic Co-operation and Development 27-Feb-2002 English - Or. English

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

Cybersecurity Governance

Cybersecurity Governance AfriSIG 2014 Cybersecurity Governance Pria.za.africa Encoding Cybersecurity Norms and Principles Issues, Developments and Approaches Cybersecurity Governance Political Will and Leadership Institutional

More information

ROADMAP. Proposal on a European Strategy for Internet Security

ROADMAP. Proposal on a European Strategy for Internet Security TITLE OF THE INITIATIVE ROADMAP Proposal on a European Strategy for Internet Security TYPE OF INITIATIVE xcwp Non-CWP Implementing act/delegated act LEAD DG RESPONSIBLE UNIT INFSO A3 EXPECTED DATE OF ADOPTION

More information

STRATEGIC PLAN 2013/2014 TO 2015/2016

STRATEGIC PLAN 2013/2014 TO 2015/2016 STRATEGIC PLAN 2013/2014 TO 2015/2016 1. WCO Strategic Plan Introduction 1. The purpose of this document is to present the WCO Strategic Plan that was approved by the Council in June 2013 for the years

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL EUROPEAN COMMISSION Brussels, XXX [ ](2012) XXX draft Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL concerning measures to ensure a high common level of network and information

More information

European Youth Forum Policy Paper Guiding Principles on Common Objectives for Voluntary activities and Greater understanding of young people

European Youth Forum Policy Paper Guiding Principles on Common Objectives for Voluntary activities and Greater understanding of young people European Youth Forum Policy Paper Guiding Principles on Common Objectives for Voluntary activities and Greater understanding of young people Adopted by the Council of Members, 21-22 November 2003 Rome

More information

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES

CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES CYBER SECURITY AND CYBER DEFENCE IN THE EUROPEAN UNION OPPORTUNITIES, SYNERGIES AND CHALLENGES By Wolfgang Röhrig, Programme Manager Cyber Defence at EDA and Wg Cdr Rob Smeaton, Cyber Defence Staff Officer

More information

DIGITAL AGENDA FOR LATIN AMERICA AND THE CARIBBEAN (elac2018)

DIGITAL AGENDA FOR LATIN AMERICA AND THE CARIBBEAN (elac2018) 7 August 2015 ENGLISH ORIGINAL: SPANISH Fifth Ministerial Conference on the Information Society in Latin America and the Caribbean Mexico City, 5-7 August 2015 DIGITAL AGENDA FOR LATIN AMERICA AND THE

More information

EU-U.S. DECLARATION ON COMBATING TERRORISM DROMOLAND CASTLE, 26 JUNE 2004

EU-U.S. DECLARATION ON COMBATING TERRORISM DROMOLAND CASTLE, 26 JUNE 2004 COUNCIL OF THE EUROPEAN UNION Dromoland Castle, 26 June 2004 10760/04 (Presse 205) EU-U.S. DECLARATION ON COMBATING TERRORISM DROMOLAND CASTLE, 26 JUNE 2004 Since the attacks of 11 September 2001, the

More information

Cybersecurity and the Romanian business environment in the regional and European context

Cybersecurity and the Romanian business environment in the regional and European context KPMG Legal Cybersecurity and the Romanian business environment in the regional and European context Developing a cybersecurity culture for the users of digital and communications systems has become a mandatory

More information

Council Conclusions on a Concerted Work Strategy and Practical Measures Against Cybercrime

Council Conclusions on a Concerted Work Strategy and Practical Measures Against Cybercrime COU CIL OF THE EUROPEA U IO EN Council Conclusions on a Concerted Work Strategy and Practical Measures Against Cybercrime 2987th JUSTICE and HOME AFFAIRS Council meeting Brussels, 27-28 ovember 2008 The

More information

Internet Technical Advisory Committee to the OECD - Charter -

Internet Technical Advisory Committee to the OECD - Charter - Internet Technical Advisory Committee to the OECD - Charter - I. Terms of reference The positive input of the technical community in the ICCP s work and the Ministerial was acknowledged by OECD ministers

More information

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch Building Blocks of a Cyber Resilience Program Monika Josi monika.josi@safis.ch About me Chief Security Advisor for Microsoft Europe, Middle East and Africa providing support to Governments and CIIP until

More information

Business Continuity Management Framework 2014 2017

Business Continuity Management Framework 2014 2017 Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity

More information

Cyber Security Strategy

Cyber Security Strategy 2014 2017 Cyber Security Strategy Ministry of Economic Affairs and Communication 2014 TABLE OF CONTENTS Introduction... 2 1. Analysis of current situation... 2 1.1. Sectoral progress... 2 1.2. Trends...

More information

European Union / Council of Europe Project on Cybercrime in Georgia. Tbilisi-2 March 2010

European Union / Council of Europe Project on Cybercrime in Georgia. Tbilisi-2 March 2010 European Union / Council of Europe Project on Cybercrime in Georgia Tbilisi-2 March 2010 How to create a specialized cyber crime unit Recommendations Priorities How to create a specialized cyber crime

More information

Cybersecurity for ALL

Cybersecurity for ALL Cybersecurity for ALL An Overview of ITU s Cybersecurity Activities UNECE International Conference on Technological Readiness for Innovationbased Competitiveness 30 in Geneva, Switzerland Christine Sund

More information

Homeland Security: Information Assurance Challenges and Opportunities. Building the National Cyber Security Division

Homeland Security: Information Assurance Challenges and Opportunities. Building the National Cyber Security Division Homeland Security: Information Assurance Challenges and Opportunities Building the National Cyber Security Division The Homeland Security Act and national strategies direct DHS to take the lead on cyber

More information

BSA GLOBAL CYBERSECURITY FRAMEWORK

BSA GLOBAL CYBERSECURITY FRAMEWORK 2010 BSA GLOBAL CYBERSECURITY FRAMEWORK BSA GLOBAL CYBERSECURITY FRAMEWORK Over the last 20 years, consumers, businesses and governments 1 around the world have moved online to conduct business, and access

More information

The Hague uclear Security Summit Communiqué

The Hague uclear Security Summit Communiqué COUCIL OF TH UROPA UIO N The Hague, 25 March 2014 8193/14 (OR. en) PRSS 187 The Hague uclear Security Summit Communiqué We, the leaders, met in The Hague on 24 and 25 March 2014 to strengthen nuclear security,

More information

National Cyber Security Strategy 2015-2017

National Cyber Security Strategy 2015-2017 National Cyber Security Strategy 2015-2017 Table of Contents Table of Contents...i Executive Summary... 1 1. Introduction... 2 2. Context - People, Economy, and State... 4 3. Guiding Principles... 10 4.

More information

NIST Cybersecurity Framework Overview

NIST Cybersecurity Framework Overview NIST Cybersecurity Framework Overview Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises Executive Order

More information

STRATEGIC PRIORITIES 2013-2018

STRATEGIC PRIORITIES 2013-2018 STRATEGIC PRIORITIES 2013-2018 ADOPTED BY THE EXTRAORDINARY GENERAL ASSEMBLY BRUSSELS, BELGIUM 22 APRIL 2012 1 INTRODUCTION A strategy is a combination of the goals for which an organisation strives and

More information

The EBF would like to take the opportunity to note few general remarks on key issues as follows:

The EBF would like to take the opportunity to note few general remarks on key issues as follows: Ref.:EBF_001314 Brussels, 17 June 2013 Launched in 1960, the European Banking Federation is the voice of the European banking sector from the European Union and European Free Trade Association countries.

More information

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK

INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK INFORMATION GOVERNANCE OPERATING POLICY & FRAMEWORK Log / Control Sheet Responsible Officer: Chief Finance Officer Clinical Lead: Dr J Parker, Caldicott Guardian Author: Associate IG Specialist, Yorkshire

More information

Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING

Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING Section by Section DEPARTMENT OF HOMELAND SECURITY CYBERSECURITY AUTHORITY AND INFORMATION SHARING Sec. 1. Department of Homeland Security Cybersecurity Authority Section 1(a) amends Title II of the Homeland

More information

REPUBLIC OF POLAND Ministry of Administration and Digitisation, Internal Security Agency CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND

REPUBLIC OF POLAND Ministry of Administration and Digitisation, Internal Security Agency CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND REPUBLIC OF POLAND Ministry of Administration and Digitisation, Internal Security Agency CYBERSPACE PROTECTION POLICY OF THE REPUBLIC OF POLAND REPUBLIC OF POLAND Ministry of Administration and Digitisation,

More information

Summary. Remit and points of departure

Summary. Remit and points of departure Summary The digital society and the digital economy are already here. Digitalisation means that it is becoming natural for people, organisations and things to communicate digitally. This changes how we

More information

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary

Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary Government Decision No. 1139/2013 (21 March) on the National Cyber Security Strategy of Hungary 1. The Government hereby approves the National Cyber Security Strategy of Hungary laid down in Annex No.

More information

CYBER SECURITY STRATEGY AN OVERVIEW

CYBER SECURITY STRATEGY AN OVERVIEW CYBER SECURITY STRATEGY AN OVERVIEW Commonwealth of Australia 2009 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any process without

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information